Calico: Full support in k8s datastore driver

Created on 8 Dec 2016  路  6Comments  路  Source: projectcalico/calico

This issue tracks full support for Calico datamodel in the k8s datastore driver + the ability to use that up through into all the main components.

i.e "You can run Calico policy + networking on k8s without needing an etcd just for Calico"

There are a few parts:

NetworkPolicy support:

  • [x] Support k8s policy in k8s datastore driver (Strictly the NetworkPolicy API)

    • [x] Support NetworkPolicy resource (Policy)

    • [x] Support Namespace annotations (Profile)

    • [x] Support Pod resource (WorkloadEndpoint) (For labels, etc)

  • [x] Support GlobalConfig in datastore driver (Global Calico configuration like log level, etc)
  • [x] Support IP pool resource (Outgoing NAT support)

Calico networking support phase 1:

  • [x] Support Node resource (@heschlie) (Required for BGP peering configuration, likely requires annotations on top of existing Node object). (https://github.com/projectcalico/libcalico-go/pull/354)
  • [x] Support BIRD configuration based on k8s API directly (@heschlie) (https://github.com/projectcalico/calicoctl/pull/1556)
  • [x] BGP Peer configuration supported through TPR (@heschlie).

This mode will support BGP full-mesh networking and the full set of ip-in-ip functionality. It won't yet support global / per-node BGP Peers or global AS configuration.

Calico networking support phase 2:

  • [x] Support BGP configuration (global/per-node peers, AS config, etc).
  • [x] Support Calico IPAM in k8s datastore driver. (https://github.com/projectcalico/libcalico-go/pull/1010)

Additional NetworkPolicy features:

  • [x] NetworkPolicy egress / CIDR support (@bcreane - v2.6)

Calico Policy features:

  • [x] Support for full Calico policy model (e.g. via calicoctl) incl. egress, ordering, etc. (https://github.com/projectcalico/libcalico-go/pull/523#event-1258062818) (v3.0-beta1)
  • [x] Support for host endpoints / host protection.

Other:

  • [x] Per-node Felix config supported (v3.0-beta1)

Most helpful comment

Merged IPAM code: https://github.com/projectcalico/libcalico-go/pull/1010

Going to close this, will be in Calico v3.6. :tada:

All 6 comments

@caseydavenport , is there any update on this issue?

We're almost done with phase 1 at this point

Yep. We're primarily focusing on networking support at the moment - planning on having BGP full-mesh mode and IP-in-IP supported for v2.2, with future BGP extensions added in subsequent releases.

Implementing the full Calico Policy model has not yet been started, though some design thinking has been done.

Since the ToR peering (with direct peering, not auto-magical full mesh) is your recommended BPG configuration, supporting that would be really fantastic. This is how we plan to deploy Calico, and would very much prefer to use in this way.

Thanks!

Merged IPAM code: https://github.com/projectcalico/libcalico-go/pull/1010

Going to close this, will be in Calico v3.6. :tada:

Was this page helpful?
0 / 5 - 0 ratings